From nobody Sat Apr 11 11:11:27 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 01F95C00140 for ; Sat, 13 Aug 2022 01:09:02 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S237471AbiHMBI7 (ORCPT ); Fri, 12 Aug 2022 21:08:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55308 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S237399AbiHMBI6 (ORCPT ); Fri, 12 Aug 2022 21:08:58 -0400 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B837373304 for ; Fri, 12 Aug 2022 18:08:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1660352937; x=1691888937; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Zi/lCjUXpkF6B8O4jozC9jJ60/Hc8bXroWDXph0b3Rk=; b=AWYrgkwdwqh+Te1oqwBBwk5+9RyG5cWoqSg/FL+2lXoh/+Sqblcs5RGE q6lI5qd/ZwUaRIDIcBy757pAiIcuyyr42BZftsHnZ0ZXO7ql0Niqb7xHP +p55qeq2P6reSvKtMSn4isjYmn/v2aoeVbn+Sla6DjPmu7sFYq3cGuskT ySCcfBQqKSwdcI/OE+wKYuhX/ygPk2G/tVZ8gxzJNlIlGUScCXdS4lguN Voj1N904uyCKsSqFsdHv0crHqWEnpavcGzoP7VlZUNOTUibrCWkUMiCPj LnmZnFyfLyEDE/dVADfFhVBO6svcvhtdlAUrA6PjBBBuqYP8LSrSbceD6 Q==; X-IronPort-AV: E=McAfee;i="6400,9594,10437"; a="271488706" X-IronPort-AV: E=Sophos;i="5.93,233,1654585200"; d="scan'208";a="271488706" Received: from fmsmga008.fm.intel.com ([10.253.24.58]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Aug 2022 18:08:57 -0700 X-IronPort-AV: E=Sophos;i="5.93,233,1654585200"; d="scan'208";a="666038333" Received: from akoska-mobl1.ger.corp.intel.com (HELO hades.ger.corp.intel.com) ([10.252.36.156]) by fmsmga008-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Aug 2022 18:08:54 -0700 From: Gwan-gyeong Mun To: intel-gfx@lists.freedesktop.org Cc: linux-kernel@vger.kernel.org, dri-devel@lists.freedesktop.org, mchehab@kernel.org, chris@chris-wilson.co.uk, matthew.auld@intel.com, thomas.hellstrom@linux.intel.com, jani.nikula@intel.com, nirmoy.das@intel.com, airlied@linux.ie, daniel@ffwll.ch, andi.shyti@linux.intel.com, andrzej.hajda@intel.com Subject: [PATCH v6 1/8] overflow: Move and add few utility macros into overflow Date: Sat, 13 Aug 2022 04:08:50 +0300 Message-Id: <20220813010857.4043956-2-gwan-gyeong.mun@intel.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20220813010857.4043956-1-gwan-gyeong.mun@intel.com> References: <20220813010857.4043956-1-gwan-gyeong.mun@intel.com> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org It moves overflows_type utility macro into overflow header from i915_utils header. The overflows_type can be used to catch the truncation between data types. And it adds safe_conversion() macro which performs a type conversion (cast) of an source value into a new variable, checking that the destination is large enough to hold the source value. And the functionality of overflows_type has been improved to handle the signbit. The is_unsigned_type macro has been added to check the sign bit of the built-in type. v3: Add is_type_unsigned() macro (Mauro) Modify overflows_type() macro to consider signed data types (Mauro) Fix the problem that safe_conversion() macro always returns true v4: Fix kernel-doc markups v6: Move macro addition location so that it can be used by other than drm subsystem (Jani, Mauro, Andi) Change is_type_unsigned to is_unsigned_type to have the same name form as is_signed_type macro Signed-off-by: Gwan-gyeong Mun Cc: Thomas Hellstr=C3=B6m Cc: Matthew Auld Cc: Nirmoy Das Cc: Jani Nikula Cc: Andi Shyti Reviewed-by: Mauro Carvalho Chehab (v5) --- drivers/gpu/drm/i915/i915_utils.h | 5 +-- include/linux/overflow.h | 54 +++++++++++++++++++++++++++++++ 2 files changed, 55 insertions(+), 4 deletions(-) diff --git a/drivers/gpu/drm/i915/i915_utils.h b/drivers/gpu/drm/i915/i915_= utils.h index c10d68cdc3ca..eb0ded23fa9c 100644 --- a/drivers/gpu/drm/i915/i915_utils.h +++ b/drivers/gpu/drm/i915/i915_utils.h @@ -32,6 +32,7 @@ #include #include #include +#include =20 #ifdef CONFIG_X86 #include @@ -111,10 +112,6 @@ bool i915_error_injected(void); #define range_overflows_end_t(type, start, size, max) \ range_overflows_end((type)(start), (type)(size), (type)(max)) =20 -/* Note we don't consider signbits :| */ -#define overflows_type(x, T) \ - (sizeof(x) > sizeof(T) && (x) >> BITS_PER_TYPE(T)) - #define ptr_mask_bits(ptr, n) ({ \ unsigned long __v =3D (unsigned long)(ptr); \ (typeof(ptr))(__v & -BIT(n)); \ diff --git a/include/linux/overflow.h b/include/linux/overflow.h index f1221d11f8e5..462a03454377 100644 --- a/include/linux/overflow.h +++ b/include/linux/overflow.h @@ -35,6 +35,60 @@ #define type_max(T) ((T)((__type_half_max(T) - 1) + __type_half_max(T))) #define type_min(T) ((T)((T)-type_max(T)-(T)1)) =20 +/** + * is_unsigned_type - helper for checking data type which is an unsigned d= ata + * type or not + * @x: The data type to check + * + * Returns: + * True if the data type is an unsigned data type, false otherwise. + */ +#define is_unsigned_type(x) ((typeof(x))-1 >=3D (typeof(x))0) + +/** + * overflows_type - helper for checking the truncation between data types + * @x: Source for overflow type comparison + * @T: Destination for overflow type comparison + * + * It compares the values and size of each data type between the first and + * second argument to check whether truncation can occur when assigning the + * first argument to the variable of the second argument. + * Source and Destination can be used with or without sign bit. + * Composite data structures such as union and structure are not considere= d. + * Enum data types are not considered. + * Floating point data types are not considered. + * + * Returns: + * True if truncation can occur, false otherwise. + */ +#define overflows_type(x, T) \ + (is_unsigned_type(x) ? \ + is_unsigned_type(T) ? \ + (sizeof(x) > sizeof(T) && (x) >> BITS_PER_TYPE(T)) ? 1 : 0 \ + : (sizeof(x) >=3D sizeof(T) && (x) >> (BITS_PER_TYPE(T) - 1)) ? 1 : 0 \ + : is_unsigned_type(T) ? \ + ((x) < 0) ? 1 : (sizeof(x) > sizeof(T) && (x) >> BITS_PER_TYPE(T)) ? 1 := 0 \ + : (sizeof(x) > sizeof(T)) ? \ + ((x) < 0) ? (((x) * -1) >> BITS_PER_TYPE(T)) ? 1 : 0 \ + : ((x) >> BITS_PER_TYPE(T)) ? 1 : 0 \ + : 0) + +/** + * safe_conversion - perform a type conversion (cast) of an source value i= nto + * a new variable, checking that the destination is large enough to hold t= he + * source value. + * @ptr: Destination pointer address + * @value: Source value + * + * Returns: + * If the value would overflow the destination, it returns false. + */ +#define safe_conversion(ptr, value) ({ \ + typeof(value) __v =3D (value); \ + typeof(ptr) __ptr =3D (ptr); \ + overflows_type(__v, *__ptr) ? 0 : ((*__ptr =3D (typeof(*__ptr))__v), 1); \ +}) + /* * Avoids triggering -Wtype-limits compilation warning, * while using unsigned data types to check a < 0. --=20 2.34.1